Re: [sacm] WGLC for draft-ietf-sacm-ecp
Ira McDonald <blueroofmusic@gmail.com> Thu, 25 July 2019 15:20 UTC
Return-Path: <blueroofmusic@gmail.com>
X-Original-To: sacm@ietfa.amsl.com
Delivered-To: sacm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A690D120071 for <sacm@ietfa.amsl.com>; Thu, 25 Jul 2019 08:20:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.997
X-Spam-Level:
X-Spam-Status: No, score=-1.997 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ArUbzsulEvis for <sacm@ietfa.amsl.com>; Thu, 25 Jul 2019 08:20:43 -0700 (PDT)
Received: from mail-yw1-xc34.google.com (mail-yw1-xc34.google.com [IPv6:2607:f8b0:4864:20::c34]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AB93712006D for <sacm@ietf.org>; Thu, 25 Jul 2019 08:20:43 -0700 (PDT)
Received: by mail-yw1-xc34.google.com with SMTP id f187so19361842ywa.5 for <sacm@ietf.org>; Thu, 25 Jul 2019 08:20:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=RUHFuIhbMOfwnjrui4pbvE3aJIs3c61C81df3eob7S0=; b=i8+ZTP314qQMszOCcY1VNwbeuCajEPKnn7+rs4fzh0UBgxuflyvWcf9E3Z8gWW5dEL SjFb/bzvjcuYvv06bWm8cdXk9GoctYJOI4ogKzUG6gBEFi6jqN9iIsFzCe/uLYYV3TJY ITfknjJYLnuVf0DQhZ9oKm+8z2Zm/kL5qX3VZNB4lYBSeejaUQAs2umCGHCs7MFt52Ec +jPjHDAc9Z8Sjpg1Xr5vHo5kileCVzdLPQrvmv/a1uJgmctju03pN5XsCgujupAgy9fg lTQs5p8zjW/0Q7m1i+wnIrQI8lo9kTa9hzsufc2cm5k48dpX+tWfIf5lK0XR4Pk5TbVv NgyQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=RUHFuIhbMOfwnjrui4pbvE3aJIs3c61C81df3eob7S0=; b=dKMSvzs1BUSM0A319YcuPmNu7/WcuXKx3/blGM1C+x7ZosfBHeLrb3nVslLN49Vbds NGPFvGUfiS8f5pMyssPlwOiFiu7r/z4NS8o/jhOVgHZ9ot/Svf1ZVqOC+ookdbyzrPQI LTq3yphlJeEscX8TRPWxx6vcVln+aoqk+4EyMXnI8XrwLy+MHMSEbfOiV0ZIfXj6HQgn 2mteV8MAIYX3qgRE4kAPpdtwYfQbu1+TR5MwA7pGOLg1WdybqYlSmKrVYIn6R2dclGTz foZJhwy8Uun2x3kzoo4SfajX1nlj+7rUVAnsabyqmBX20p0UnMdnB6m7pIop38y3h+LF IVEw==
X-Gm-Message-State: APjAAAXs/+cadxQXmLHm+cDQ/dyxKnRFEU7+IMY5B7GRk1z1owtchbCK ibRZTU/RtlRfPIaORxRR73FBxzvHlY9QAjJQTdk=
X-Google-Smtp-Source: APXvYqzvv+raMpGtqhwpf7lIOwtyjpWXmPxSk4ryz6+lB7VHOTrb3s7Fr3VilLVGJWAg6zBZXH0jKIHEhXkk5ydk8TM=
X-Received: by 2002:a0d:c044:: with SMTP id b65mr52054341ywd.273.1564068042947; Thu, 25 Jul 2019 08:20:42 -0700 (PDT)
MIME-Version: 1.0
References: <5B73FDDD-680A-4596-99FA-920B0776D862@isoc.org> <CAN40gStnjDOxSNJ8e3+kNwzB8N7z7KD79qqnEexKx9OgPaW8iw@mail.gmail.com> <CAM+R6NUxVu35=3C_Q=XmacQKOuqO85FmnwePBffEexua5r5jFQ@mail.gmail.com>
In-Reply-To: <CAM+R6NUxVu35=3C_Q=XmacQKOuqO85FmnwePBffEexua5r5jFQ@mail.gmail.com>
From: Ira McDonald <blueroofmusic@gmail.com>
Date: Thu, 25 Jul 2019 11:20:32 -0400
Message-ID: <CAN40gSu0v_ohC8Hmf2av8ks3DyHR5rtq2ENcUdCi9fokvbDd1A@mail.gmail.com>
To: Jessica Fitzgerald-McKay <jmfmckay@gmail.com>, Ira McDonald <blueroofmusic@gmail.com>
Cc: Karen O'Donoghue <odonoghue@isoc.org>, "sacm@ietf.org" <sacm@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000001abf1b058e82f8c1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/sacm/S6PWifMqKPb9S7bg5ZeXYZlK2FY>
Subject: Re: [sacm] WGLC for draft-ietf-sacm-ecp
X-BeenThere: sacm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: SACM WG mail list <sacm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sacm>, <mailto:sacm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/sacm/>
List-Post: <mailto:sacm@ietf.org>
List-Help: <mailto:sacm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sacm>, <mailto:sacm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Jul 2019 15:20:48 -0000
Hi Jess, Yes to all of your responses and suggestions. Cheers, - Ira Ira McDonald (Musician / Software Architect) Co-Chair - TCG Trusted Mobility Solutions WG Co-Chair - TCG Metadata Access Protocol SG Chair - Linux Foundation Open Printing WG Secretary - IEEE-ISTO Printer Working Group Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG IETF Designated Expert - IPP & Printer MIB Blue Roof Music / High North Inc http://sites.google.com/site/blueroofmusic http://sites.google.com/site/highnorthinc mailto: blueroofmusic@gmail.com PO Box 221 Grand Marais, MI 49839 906-494-2434 On Thu, Jul 25, 2019 at 11:11 AM Jessica Fitzgerald-McKay < jmfmckay@gmail.com> wrote: > Ira, > Thank you for the review. Responses in-line denoted by [jmf]. > > > On Tue, Jul 2, 2019 at 12:07 PM Ira McDonald <blueroofmusic@gmail.com> > wrote: > >> Hi, >> >> Ira's comments on <draft-ietf-sacm-ecp-05> >> >> 3.2.1. Provisioning >> >> - Describes one-time setup examples of serial numbers (immutable), >> hardware certificates (long-lived), and device MAC addresses, which >> are NOT immutable and *should* be changing for Random MAC address >> usage over time, per recent IEEE 1609 (WAVE), IEEE 802.11 (Wi-Fi), >> and Common Criteria protection profile recommendations. >> >> - Recommend removing the MAC address example from this clause. >> > > [jmf] We've had lots of discussion around the MAC address issue. I realize > here you are not arguing against it's use as a device identifier, but are > saying that it ought to be differentiated from other more permanent > identifiers. I believe, though, that we still want to capture the idea that > a device should be provisioned with a MAC address initially, even though > that MAC address ought to change. Perhaps we can remove the MAC address > example from this sentence, but add a new sentence immediately afterwards > saying that the device should have one, and it should change over time. > Would that work? > >> >> 6. Future Work >> >> "Reassess the use of MAC addresses, including market research to >> determine if MAC addresses continue to be a widely implemented >> device identifier among network tools." >> >> - Market research showing the continued unwise use of fixed MAC >> addresses in Enterprise networks is not a valid criteria. This is >> one of many bad security practices that are hard to stamp out. >> >> - Recommend changing to: >> "Reassess the use of MAC addresses, based on technical research >> into current security best practices in IoT, automotive, mobile, >> and other privacy sensitive market domains." >> > > [jmf] I agree with you, but, MAC addresses continue to be used by network > tools, and the ECPC will likely not change that. We've been round and round > on this issue, and I'd like to firmly settle it, but, until the market > moves along with us, it'll remain open. I would like to add in your words > about technical research, and keep the notion that we are really only > collecting MAC addresses because we need to be able to share data with our > network tools. It moves the security ball forward while acknowledging the > reality of network-based defense. Does that work? > >> >> >> 10. Privacy Considerations >> >> "The EPCP specifically addresses the collection of posture data from >> enterprise endpoints by an enterprise network. As such, privacy is >> not going to often arise as a concern for those deploying this >> solution." >> >> - Stongly disagree. If enterprise (or cloud) servers with endpoint >> posture metadata are successfully hacked (they're an attractive target), >> then major privacy issues arise with location/time-of-day association >> with PII for mobile users. In the EU, GDPR protections definitely do >> apply to enterprise networks. >> >> - Recommend changing to: >> >> "The EPCP specifically addresses the collection of posture data from >> enterprise endpoints by an enterprise network. As such, privacy is >> a fundamental concern for those deploying this ECP solution, given >> EU GDPR, California CCPA, and many other privacy regulations. The >> enterprise SHOULD implement and enforce their duty of care." >> > > [jmf] Agreed, thank you for the better words. > >> >> "An enterprise network should limit access to endpoint posture and >> identification information to authorized users." >> >> - Very weak statement. Potentially large number of network admins and >> IT support people may have access to endpoint posture metadata. They >> should always have training about the importance of protecting this >> endpoint posture metadata. >> >> - Recommend changing to: >> >> "An enterprise network SHOULD limit access to endpoint posture and >> identification information to authorized users and SHOULD enforce >> policies that prevent export of endpoint posture metadata to third >> parties (except duly authorized law enforcement personnel)." >> >> [jmf] I like your ideas here. Maybe we can change the edit to read "An > enterprise network SHOULD limit access to endpoint posture and identification > information to authorized users and SHOULD enforce policies that prevent > export of endpoint posture metadata to *unauthorized *third parties". > >> >> Cheers, >> - Ira >> >> > Thanks again, > Jess > >> Ira McDonald (Musician / Software Architect) >> Co-Chair - TCG Trusted Mobility Solutions WG >> Co-Chair - TCG Metadata Access Protocol SG >> Chair - Linux Foundation Open Printing WG >> Secretary - IEEE-ISTO Printer Working Group >> Co-Chair - IEEE-ISTO PWG Internet Printing Protocol WG >> IETF Designated Expert - IPP & Printer MIB >> Blue Roof Music / High North Inc >> http://sites.google.com/site/blueroofmusic >> http://sites.google.com/site/highnorthinc >> mailto: blueroofmusic@gmail.com >> PO Box 221 Grand Marais, MI 49839 906-494-2434 >> >> >> >> On Thu, Jun 27, 2019 at 4:34 PM Karen O'Donoghue <odonoghue@isoc.org> >> wrote: >> >>> Folks, >>> >>> As discussed at our virtual interim on Tuesday, this begins a three week >>> working group last call for: >>> Endpoint Posture Collection Profile >>> https://datatracker.ietf.org/doc/draft-ietf-sacm-ecp/ >>> >>> Please reply to this email thread with an indication that you have read >>> the document, any comments you may have, and your assessment of whether or >>> not it is ready to proceed to publication. >>> >>> DEADLINE: Please reply by Friday 19 July 2019. >>> >>> Thanks! >>> Karen and Chris >>> >>> _______________________________________________ >>> sacm mailing list >>> sacm@ietf.org >>> https://www.ietf.org/mailman/listinfo/sacm >>> >>
- [sacm] WGLC for draft-ietf-sacm-ecp Karen O'Donoghue
- Re: [sacm] WGLC for draft-ietf-sacm-ecp Ira McDonald
- Re: [sacm] WGLC for draft-ietf-sacm-ecp Adam Montville
- [sacm] REMINDER: WGLC for draft-ietf-sacm-ecp Karen O'Donoghue
- Re: [sacm] WGLC for draft-ietf-sacm-ecp Jessica Fitzgerald-McKay
- Re: [sacm] WGLC for draft-ietf-sacm-ecp Jessica Fitzgerald-McKay
- Re: [sacm] WGLC for draft-ietf-sacm-ecp Ira McDonald
- Re: [sacm] REMINDER: WGLC for draft-ietf-sacm-ecp Henk Birkholz